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Claims : 



2 1. A proxy server for relaying communications between 

3 applications and for performing an additional process 

4 comprising: 

5 a key manager for managing multiple keys used to 

6 generate a digital signature to be provided for a message 

7 document that is exchanged between said applications; 

8 a signature key determiner for extracting said message 

9 document from a predetermined application, and for, based on 
said message document, determining a key used to provide a 
digital signature; and 

a signature generator for providing a digital signature 

^ for said message document by using said key that is obtained 

from said key manager based on a determination made by said 
P signature key determiner, and for transmitting said message 

1^ document with said digital signature to a destination 
If application. 

o 

ft 2. The proxy server according to claim 1, wherein said key 

19 manager sets multiple key selection rules for obtaining said 

20 key, and only when said key selection rules are satisfied 

21 can said signature generator obtain said key. 

22 3. The proxy server according to claim 2, wherein, when 

23 said key for generating a digital signature for said message 

24 document can not be obtained, said signature generator 

25 employs a replacement key that is defined in advance to 

26 provide a digital signature. 
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1 4. The proxy server according to claim 3, wherein, after 

2 said signature generator has provided a digital signature 

3 using said replacement key, when said acquisition condition 

4 that is determined for the original key based on said 

5 message document is satisfied to enable the acquisition of 

6 said original key, said signature generator again provides a 

7 digital signature using said original key. 

8 5. The proxy server according to claim 1, further 

9 comprising: 

IS a log manager for storing said message document with a 

digital signature provided by said signature generator, and 

•Ms 

i^"^ for managing a log, 

^ 6, The proxy server according to claim 4, wherein said log 

f4 manager stores not only said message document for which said 

'0 signature generator has provided a digital signature using 

K said replacement key, but also said message document without 
digital signature; and wherein said signature generator 
obtains, from said log manager, said message document 

19 without said digital signature, and provides a digital 

20 signature using said original key. 

21 7. A digital signature system comprising: 

22 applications for performing data processing; and 

23 a proxy server connected to said applications via a 

24 network, 

25 wherein said proxy server intercepts a communication, 

26 transmitted through said network, from an application to an 
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1 external destination device, provides a digital signature 

2 for a message document exchanged via said communication, and 

3 transmits said message document with said digital signature 

4 to said external destination device. 

5 8. The digital signature system according to claim 7^ 

6 wherein said proxy server permits a key used to provide a 

7 digital signature to be changed in accordance with the 

8 contents of a message document; and wherein said proxy 

9 server sets key selection rules for said key and permits 
digital signature using said key when said key selection 

y rules have been satisfied. 

^ . 9. The digital signature system according to claim 8, 

E$ wherein, when said key selection rules for said key used to 

^4 provide a digital signature for said message document have 

W5 not been satisfied, said proxy server employs a 

PI 

^6 predetermined replacement key to provide a digital 

W signature; and wherein, when said key selection rules for 

.^8 said key are satisfied after said digital signature has been 

19 provided using said replacement key, said proxy server again 

20 employs said key to provide a digital signature for said 

21 message document. 

22 10. A digital signature verification system comprising: 

23 applications for performing data processing; and 

24 a proxy server connected to said applications via a 

25 network, 

26 wherein said proxy server intercepts a communication 

27 from an external destination device to an application 



DOCKET NUMBER: JP920000300US1 



-34- 



1 transmitted through said network, verifies a digital 

2 signature provided for a message document exchanged via said 

3 communication, and transmits said message document that has 

4 been authorized. 



5 11. A network system comprising: 

6 multiple groups connected to a wide area network, all 

7 of which have applications for performing data processing 

8 and proxy servers connected to said applications via a local 

9 area network, 

10 wherein said proxy server intercepts a communication 

]^ transmitted by an application of a local group to an 

fi application of a different group, provides a digital 

16 signature for a message document exchanged via said 

p communication, and transmits said message document with said 

p digital signature to said application of said different 

|6 group, and 

0 wherein said proxy server intercepts a communication 

P from said application of said different group to said 

0 application of said local group, verifies a digital 

55 signature provided for a message document exchanged via said 

21 communication, and transmits said authorized message 

22 document to said application of said local group. 

23 12. The network system according to claim 11, wherein, when 

24 said application of said local group transmits a message 

25 document, said proxy server stores the message document with 

26 a digital signature in a log, and manages said log; wherein, 

27 when said application of said local group receives a message 

28 document from a different group, said proxy server stores in 
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a log a message document authenticated by a verification of 
a digital signature, and manages said log; and wherein, at a 
predetermined timing, said proxy server compares the 
transmission log with the reception log for the same message 
document, and authorizes communication. 

13. The network system according to claim 12, wherein said 
proxy server compares signature information for a digital 
signature concerning the same message document. 

14. The network system according to claim 12, wherein said 
proxy server compares hash values used for providing a 
digital signature for the same message document. 

15. A digital signature method comprising; providing a 
digital signature for a message document exchanged by 
applications and for authorizing said message document, 
including the steps of: 

selecting, in accordance with the type of a message 
document transmitted by a predetermined application, a key 
used for providing a digital signature for said message 
document; 

providing a digital signature for said message 
document, when key selection rules set for said key are not 
established, by using a replacement key that is set in 
advance for said key; 

transmitting said message document with said digital 
signature to a destination designated by said application; 
and 

using said key, when said key selection rules for said 
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key have been satisfied after said digital signature has 
been provided using said replacement key, to again provide a 
digital signature, and transmitting said message document 
with said digital signature to said destination. 

16. A digital signature verification method comprising: for 
verifying a digital signature provided for a message 
document exchanged by applications, and for authorizing said 
message document, including the steps of: 

accepting a message document with a digital signature 
that uses a replacement key, when said digital signature on 
said received message document has been provided by using 
said replacement key for an original key that is determined 
in accordance with the type of said message document; 

receiving a message document, after said message 
document signed using said replacement key has been 
accepted, with a digital signature that used said original 
key; and 

verifying a digital signature, provided using said 
original key, to authorize said message document with said 
digital signature that uses said replacement key. 

17. A storage medium on which input means of a computer 
stores a computer-readable program that permits said 
computer to function as: 

key management means for managing a key used to 
generate a digital signature to be provided for a message 
document that is exchanged between said applications; 

signature key determination means for extracting said 
message document from a predetermined application, and for. 
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based on said message document, determining a key used to 
provide a digital signature; and 

signature generation means for providing a digital 
signature for said message document by using said key that 
is obtained from said key management means based on a 
determination made by said signature key determination 
means . 

18. A storage medium on which input means of a computer 
stores a computer-readable program that permits said 
computer to perform: 

a process for selecting a key used to provide a digital 
signature for a message document in accordance with a type 
of message document transmitted from a predetermined 
application; 

a process for providing said digital signature for said 
message document using said key that is selected, and for 
employing a predetermined replacement key to provide said 
digital signature for said message document, when key 
selection rules for said key used to provide a digital 
signature for said message document have not been satisfied; 
and 

a process for employing said key to provide again a 
digital signature for said message document, when said key 
selection rules for said key are satisfied after said 
digital signature has been provided using said replacement 
key. 

19. A program transmission apparatus comprising: 
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1 storage means for storing a program that permits a computer 

2 to function as: 

3 key management means for managing a key used to 

4 generate a digital signature to be provided for a 

5 message document that is exchanged between said 

6 applications, 

7 signature key determination means for extracting 

8 said message document from a predetermined application, 

9 and for determining a key used to provide a digital 

10 signature based on said message document, and 

11 signature generation means for providing a digital 
signature for said message document by using said key 

% that is obtained from said key management means based 

^4|4 on a determination made by said signature key 

J|5 determination means; and 

B; 

fl6 transmission means for reading said program from said 
storage means, and for transmitting said program. 

08 20. A program transmission apparatus comprising: 

^9 storage means for storing a program that permits a 

20 computer to perform: 

21 a process for selecting a key used to provide a 

22 digital signature for a message document, in accordance with 

23 the type of message document transmitted from a 

24 predetermined application, 

25 a process for providing said digital signature for 

26 said message document using said key that is selected, and 

27 for employing a predetermined replacement key to provide 

28 said digital signature for said message document when key 
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selection rules for said key used to provide a digital 
signature for said message document have not been satisfied, 
and 

a process for, when said key selection rules for 
said key are satisfied after said digital signature has been 

provided using said replacement key, employing said key to 
provide again a digital signature for said message document; 
and 

transmission means for reading said program from said 
storage means, and for transmitting said program. 

21, A computer program product comprising a computer usable 
medium having computer readable program code means embodied 
therein for causing relaying communications between 
applications and performing an additional process, the 
computer readable program code means in said computer 
program product comprising computer readable program code 
means for causing a computer to effect the functions of 
claim 1. 

22, A computer program product comprising a computer usable 
medium having computer readable program code means embodied 
therein for causing a digital signature system, the computer 
readable program code means in said computer program product 
comprising computer readable program code means for causing 
a computer to effect the functions of claim 7. 

23, A computer program product comprising a computer usable 
medium having computer readable program code means embodied 
therein for a digital signature verification system, the 
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computer readable program code means in said computer 
program product comprising computer readable program code 
means for causing a computer to effect the functions of 
claim 10, 

24. A computer program product comprising a computer usable 
medium having computer readable program code means embodied 
therein for a network system, the computer readable program 
code means in said computer program product comprising 
computer readable program code means for causing a computer 
to effect the functions of claim 11 • 

25. An article of manufacture comprising a computer usable 
medium having computer readable program code means embodied 
therein for causing a digital signature method, the computer 
readable program code means in said article of manufacture 
comprising computer readable program code means for causing 
a computer to effect the steps of claim 15, 

26. An article of manufacture comprising a computer usable 
medium having computer readable program code means embodied 
therein for causing a digital signature verification method, 
the computer readable program code means in said article of 
manufacture comprising computer readable program code means 
for causing a computer to effect the steps of claim 16. 

27. A program storage device readable by machine, tangibly 
embodying a program of instructions executable by the 
machine to perform method steps for a digital signature 
method, said method steps comprising the steps of claim 15. 
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28. A program storage device readable by machine, tangibly 
embodying a program of instructions executable by the 
machine to perform method steps for a digital signature 
verification method, said method steps comprising the steps 
of claim 16. 
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